On Wed, 2005-06-15 at 13:10 -0700, Russ Allbery wrote: > Ian Campbell <[EMAIL PROTECTED]> writes: > > > I might be talking out of my arse (99% probability ;-)) but I thought > > I'd heard that it was possible to store the pre-linking information > > separately to the binaries, under /var/cache or something for example. > > > Am/was I imagining things? > > One of the points of the md5sum verification is to ensure that the > binaries haven't been tampered with. If one can tamper with the binaries > by modifying some file in /var/cache instead, doesn't that just > reintroduce the same problem?
I guess so, but then the prelinking tool could just store the md5 sums of the prelink data files somewhere. Ian. -- Ian Campbell I HAVE to buy a new "DODGE MISER" and two dozen JORDACHE JEANS because my viewscreen is "USER-FRIENDLY"!!
signature.asc
Description: This is a digitally signed message part
